Ron, Great catch -- thanks!
I think S4.1.5 should be reworded to say that network devices SHOULD NOT drop packets because they contain this option (may drop them for other reasons, like S4.6.5, even when containing a NOOP) Thanks, -- Carlos. On Feb 19, 2013, at 9:19 AM, Ronald Bonica <[email protected]> wrote: > Folks, > > One picky point of grammar..... > > In section 4.6.5 you say, "Routers, security gateways, and firewalls SHOULD > drop IP packets containing a Stream Identifier option." However, in Section > 4.1.5 you say, "Routers, security gateways, and firewalls SHOULD NOT drop > packets containing this [the end of options list] option." > > So, how should a device behave when it receives a packet containing both? > Clearly, you want to drop the packet, but that document doesn't say that. > > Ron > > >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] On Behalf >> Of Warren Kumari >> Sent: Monday, February 18, 2013 1:46 PM >> To: [email protected]; draft-ietf-opsec-ip-options- >> [email protected] >> Cc: Warren Kumari >> Subject: [OPSEC] Start of WGLC for draft-ietf-opsec-ip-options- >> filtering >> >> Dear OpSec WG, >> >> This starts a Working Group Last Call for draft-ietf-opsec-ip-options- >> filtering. >> >> The draft is available here: https://datatracker.ietf.org/doc/draft- >> ietf-opsec-ip-options-filtering/ >> >> Please review this draft to see if you think it is ready for >> publication. >> >> Send comments to the list, clearly stating your view. >> >> This WGLC ends Mon 04-Mar-2013. >> >> Thanks, >> Warren Kumari >> (as OpSec WG co-chair) >> >> >> -- >> "Real children don't go hoppity-skip unless they are on drugs." >> >> -- Susan, the ultimate sensible governess (Terry Pratchett, >> Hogfather) >> >> >> >> >> _______________________________________________ >> OPSEC mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/opsec > > > _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
